I'm using the BIND (named) name server to have a local DNSBL. The problem is, I'm getting 500+ spam mails a day from certain IP blocks and adding all the IPs one by one is an absurd amount of work.
Is it possible to define IP ranges in the zone file and if so, how?
I did google extensively but the DNSBL topic is very underrepresented in the search results.
Here's a snippet of the record:
    $TTL 1W
    @               IN SOA  localhost. root.localhost. (
                            2008122601 ; Serial
                            28800      ; Refresh
                            14400      ; Retry
                            604800     ; Expire - 1 week
                            86400 )    ; Minimum
    @               IN NS   localhost.
    @               IN A    127.0.0.1
    @               IN AAAA ::1
    ;------------------------------------------------------------------
    2.0.0.127       IN A    127.0.0.2
                    IN TXT  "example.com test record"
    3.0.0.127       IN A    127.0.0.3
                    IN TXT  "example.com verified spam source"
    10.0.0.127      IN A    127.0.0.10
                    IN TXT  "example.com confirmed DUL range"
    ;------------------------------------------------------------------
    23.85.173.113   IN A    127.0.0.3
    253.139.2.198   IN A    127.0.0.3
    212.170.54.142  IN A    127.0.0.3
    6.11.28.50      IN A    127.0.0.3
    64.240.56.149   IN A    127.0.0.3
    15.223.225.110  IN A    127.0.0.3
    ; etc
If you know DNSBL, you know those IPs are in reverse digit order, e.g. 1.2.3.4.localhost. becomes 4.3.2.1.localhost.
So to repeat myself, how, if it's possible at all, do I define an IP range, let's say 1.2.3.0/24?
Yes, you use wildcards.
In the example of 1.2.3.4, you write
    *.3.2.1 IN A 127.0.0.3

    dig @127.0.0.1 4.3.2.1.localhost
    found
    dig @127.0.0.1 254.3.2.1.localhost
    found
    dig @127.0.0.1 4.4.2.1.localhost
    not found
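
A wildcard label stands in for whole octets, so only /8, /16 and /24 ranges map to a single record. The following is an added example, not part of the original posts: it generalizes the answer by splitting any IPv4 CIDR range into the wildcard (or single-host) records needed to cover it. The function names `dnsbl_records` and `is_listed` are hypothetical, and the default return value 127.0.0.3 is taken from the zone in the question.

```python
import ipaddress

def dnsbl_records(cidr, answer="127.0.0.3"):
    """Zone-file lines (relative to the DNSBL zone origin) covering an IPv4 range."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        raise ValueError("only IPv4 ranges are handled here")
    if net.prefixlen == 0:
        raise ValueError("refusing to list the entire address space")
    # A wildcard label replaces whole octets, so round the prefix up to 8/16/24/32
    # and split the range into subnets of that size.
    boundary = -(-net.prefixlen // 8) * 8
    lines = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        labels = octets[::-1]              # DNSBL owner names use reversed octets
        if boundary < 32:
            labels.insert(0, "*")          # wildcard covers the remaining octets
        lines.append(f"{'.'.join(labels)}\tIN A\t{answer}")
    return lines

def is_listed(ip, lines):
    """Emulate the lookup a mail server makes: reversed octets against the owners."""
    name = ".".join(reversed(str(ipaddress.IPv4Address(ip)).split(".")))
    for line in lines:
        owner = line.split("\t")[0]
        if owner == name or (owner.startswith("*.") and name.endswith(owner[1:])):
            return True
    return False

if __name__ == "__main__":
    # Constructed sample ranges; 1.2.3.0/24 is the one asked about in the question.
    for cidr in ("1.2.3.0/24", "1.2.2.0/23", "1.2.3.4/30"):
        print(f"; {cidr}")
        print("\n".join(dnsbl_records(cidr)))
```

DNS wildcards are only synthesized for names that do not otherwise exist in the zone, so an explicit entry for one address inside a wildcarded range (for example a TXT-only record) makes A lookups for that address return no data.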